Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nk4SahgFWk80fIeSvnfsgSbKV9k.roa
File: nk4SahgFWk80fIeSvnfsgSbKV9k.roa (raw, json)
Hash identifier: R/djDX/lfARqCaBhtyd4aE0ytKRR2G8QNSo5soMrv0s=
Subject key identifier: 9E:4E:12:6A:18:05:5A:4F:34:7C:87:92:BE:77:EC:81:26:CA:57:D9
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187FF715322756E13AF7148767332289149
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nk4SahgFWk80fIeSvnfsgSbKV9k.roa
Signing time: Tue 09 May 2023 07:37:09 +0000
ROA not before: Tue 09 May 2023 07:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
185.241.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:71:53:22:75:6e:13:af:71:48:76:73:32:28:91:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 9 07:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e4e126a18055a4f347c8792be77ec8126ca57d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ce:3b:b8:59:ca:3d:b4:b8:2a:4a:cf:8f:da:
2c:7d:66:52:17:5f:3a:2c:12:32:85:c4:15:86:a4:
a9:0c:e3:9d:c4:3b:61:08:6b:fb:51:fc:c6:b8:fd:
87:e5:0a:4d:cd:54:82:ab:94:17:08:03:d1:0d:0b:
4c:da:98:fa:94:2f:80:0b:7e:76:36:97:de:64:52:
7e:0e:39:a5:17:8b:30:45:be:40:2c:b2:8d:b2:a9:
4e:d1:26:e5:3f:75:f9:5e:ea:6e:8d:f5:c9:5b:74:
c7:11:10:5e:2b:7b:96:48:c6:2e:c9:90:6d:d3:99:
70:86:00:6b:70:df:8f:cc:7c:e2:e8:94:dd:03:51:
e5:9c:d0:95:63:2b:69:ed:c6:0a:bc:50:87:f8:2d:
3d:2c:04:df:29:e6:72:7f:99:f1:e9:cc:d2:72:91:
f1:43:60:a0:8d:3c:d6:68:fc:bf:3f:08:f5:70:06:
c0:3c:ce:c5:fb:3c:a9:05:6d:92:af:46:a6:36:34:
d1:6b:e3:7d:a7:9a:ad:44:32:0b:b5:7b:a0:be:f2:
31:42:6d:9e:3f:f4:1a:30:8c:d1:45:98:2d:fd:48:
07:9c:49:b8:b7:b5:6b:f8:1e:7f:91:20:83:1e:b1:
13:d7:61:a3:fd:9a:ac:99:3a:c4:a9:2c:64:9e:aa:
65:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4E:12:6A:18:05:5A:4F:34:7C:87:92:BE:77:EC:81:26:CA:57:D9
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nk4SahgFWk80fIeSvnfsgSbKV9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/24
89.37.63.0/24
91.188.204.0/24
93.115.254.0/23
185.103.72.0/24
185.238.10.0/24
185.241.209.0-185.241.211.255
185.255.169.0-185.255.170.255
188.212.132.0/23
188.213.203.0/24
188.240.230.0/24
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
03:62:e7:38:a1:56:0f:2e:0a:95:6f:0e:1c:70:09:f6:7c:58:
b7:8e:55:b7:5b:e9:6e:3e:46:70:6e:d4:c4:17:9f:1b:99:ce:
c5:08:67:2b:ca:bc:cd:26:e6:b6:50:57:58:5f:3b:1b:9c:07:
cf:c7:b2:f9:05:f4:9d:ac:f8:5f:62:aa:93:45:a6:71:4f:26:
33:d9:9b:17:70:03:d4:25:6e:bc:8d:b6:4c:36:c6:42:3d:85:
66:ae:7e:21:3f:55:04:06:49:4c:76:aa:1a:63:73:2b:7e:03:
8d:a6:70:0b:05:c2:dd:ad:b4:26:ac:27:3b:26:f9:44:c5:19:
1c:b3:ef:46:dd:3d:17:55:41:da:9f:39:20:b1:d3:9b:53:23:
06:dd:d7:f1:b2:18:e9:b6:68:a4:6b:d4:c4:43:b0:e2:f7:5c:
eb:d3:6d:ee:bc:2d:86:7c:b5:23:ff:c7:3c:ac:ba:5f:91:c1:
bf:3c:29:6b:08:70:69:21:6a:31:78:39:4c:ea:dc:8b:2b:ae:
25:67:c6:97:50:84:75:a0:7f:dc:ab:98:e3:57:71:6d:0f:c7:
bf:51:96:90:ea:06:5f:39:04:fa:54:73:c1:18:a8:ee:8d:d6:
f6:5c:47:e8:d8:9e:97:f9:76:57:7c:49:b2:58:3e:22:18:6e:
23:1e:b4:9c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYf/cVMidW4Tr3FIdnMyKJFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA5MDczNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRlMTI2YTE4MDU1YTRmMzQ3Yzg3OTJiZTc3ZWM4MTI2Y2E1N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi847uFnKPbS4KkrPj9osfWZSF186
LBIyhcQVhqSpDOOdxDthCGv7UfzGuP2H5QpNzVSCq5QXCAPRDQtM2pj6lC+AC352
NpfeZFJ+DjmlF4swRb5ALLKNsqlO0SblP3X5XupujfXJW3THERBeK3uWSMYuyZBt
05lwhgBrcN+PzHzi6JTdA1HlnNCVYytp7cYKvFCH+C09LATfKeZyf5nx6czScpHx
Q2CgjTzWaPy/Pwj1cAbAPM7F+zypBW2Sr0amNjTRa+N9p5qtRDILtXugvvIxQm2e
P/QaMIzRRZgt/UgHnEm4t7Vr+B5/kSCDHrET12Gj/ZqsmTrEqSxknqplJwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJ5OEmoYBVpPNHyHkr537IEmylfZMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbms0U2FoZ0ZXazgwZkllU3ZuZnNnU2JLVjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAV/eUAwQA
WSU/AwQAW7zMAwQBXXP+AwQAuWdIAwQAue4KMAwDBAC58dEDBAK58dAwDAMEALn/
qQMEALn/qgMEAbzUhAMEALzVywMEALzw5gMEALzw6DANBgkqhkiG9w0BAQsFAAOC
AQEAA2LnOKFWDy4KlW8OHHAJ9nxYt45Vt1vpbj5GcG7UxBefG5nOxQhnK8q8zSbm
tlBXWF87G5wHz8ey+QX0naz4X2Kqk0WmcU8mM9mbF3AD1CVuvI22TDbGQj2FZq5+
IT9VBAZJTHaqGmNzK34DjaZwCwXC3a20JqwnOyb5RMUZHLPvRt09F1VB2p85ILHT
m1MjBt3X8bIY6bZopGvUxEOw4vdc69Nt7rwthny1I//HPKy6X5HBvzwpawhwaSFq
MXg5TOrciyuuJWfGl1CEdaB/3KuY41dxbQ/Hv1GWkOoGXzkE+lRzwRio7o3W9lxH
6Niel/l2V3xJslg+IhhuIx60nA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org